CVE-2026-3502 is a vulnerability tracked across 2 threat clusters and 4 intelligence report mentions on ThreatCluster. First observed March 31, 2026; most recent activity April 2, 2026.
In early 2026, a series of targeted attacks named Operation TrueChaos exploited a zero-day vulnerability in TrueConf software, tracked as CVE-2026-3502, which allows attackers to execute arbitrary files on connected…
In March 2026, a suspected Iranian APT group, identified as Gray Sandstorm, initiated a password spraying campaign targeting Microsoft 365 accounts of over 300 organizations in Israel and more than 25 in the UAE. The…